Warnings Over Ransomware Strain

The FBI is investigating a strain of ransomware with help from US firms.

The ransomware, known as MSIL/Samas, tries to encrypt data across entire networks rather than single computers.

The FBI sent out a request for help after discovering that the group used a publicly available security program called Jexboss to scan networks looking for vulnerable versions of the widely used JBoss software. 

Cisco had said it had seen a “widespread campaign” using Samas to target firms involved in healthcare.

Security analyst at Cisco, Nick Biasini, said in an advisory: "It is likely the malware author is trying to see how much people will pay for their files. They even added an option for bulk decryption of 22 bitcoin (£6,600) to decrypt all infected systems.”

The request for assistance comes as security firms warn about recently created ransomware variants, such as Petya, that use different methods to lock systems and force victims to pay.

Petya malware targets a key Windows system file called the Master Boot Record that helps a PC start up. Overwriting this file means people are prevented from getting to any data on their PC unless they pay up.  

Security firm Trend Micro said it had seen Petya distributed in email messages crafted to look like it was from someone looking for work. Trend security engineer, Jasen Sumalapao, said however that the CV attached is booby trapped with the program that launches Petya.

print this article

Return to internet news headlines
View Internet News Archive

Share with: